一年到头了,我明天就回家了,今天是BGP最后一篇《使用前缀列表过滤BGP路由》。相信这些日子这么多BGP的篇章能给大家带来帮助。春节过后再来关注IPV6或交换。提前祝大家新年快乐。给大家拜个早年。一会就要走了,不说其它的了。下面把这篇刚写好的文章贴出来:
 
一、拓扑图:
 
二、基本配置:
1 、配置各路由器的IP地址和BGP协议,下面来看一下详细配置:
 
R1(config-if)#router bgp 64512<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

R1(config-router)#net 172.16.0.0 mask 255.255.255.0

R1(config-router)#net 172.16.1.0 mask 255.255.255.128

R1(config-router)#net 172.16.2.0 mask 255.255.255.192

R1(config-router)#net 172.16.3.0 mask 255.255.255.224

R1(config-router)#net 172.16.4.0 mask 255.255.255.240

R1(config-router)#net 172.16.255.0 mask 255.255.255.252

R1(config-router)#nei 172.16.255.2 remote 64512

 

R2(config-if)#router bgp 64512

R2(config-router)#net 172.16.255.0 mask 255.255.255.252

R2(config-router)#net 10.1.255.0 mask 255.2

R2(config-router)#net 10.1.255.0 mask 255.255.255.252

R2(config-router)#nei 172.16.255.1 remote 64512

R2(config-router)#nei 10.1.255.2 remote

R2(config-router)#nei 10.1.255.2 remote 64513

 

R3(config-if)#router bgp 64513

R3(config-router)#net 10.1.255.0 mask 255.255.255.252

R3(config-router)#nei 10.1.255.1 remote 64512

2 、配置完之后,咱们来看一下R3的路由表:
R3#sh ip route

………………

Gateway of last resort is not set

 

     172.16.0.0/16 is variably subnetted, 6 subnets, 6 masks

B       172.16.255.0/30 [20/0] via 10.1.255.1, 00:00:32

B       172.16.4.0/28 [20/0] via 10.1.255.1, 00:00:02

B       172.16.0.0/24 [20/0] via 10.1.255.1, 00:00:02

B       172.16.1.0/25 [20/0] via 10.1.255.1, 00:00:02

B       172.16.2.0/26 [20/0] via 10.1.255.1, 00:00:02

B       172.16.3.0/27 [20/0] via 10.1.255.1, 00:00:02

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.255.0 is directly connected, Serial1/0

三、要求与配置步骤:
1R3 拒绝收到 172.16.0.0/24172.16.1.0/25两条 BGP路由条目,其它的 BGP路由都能收到。
A:下面来看在 R2上的配置:
R2(config)#ip prefix-list set_filter seq 1 deny 172.16.0.0/24

R2(config)#ip prefix-list set_filter seq 2 deny 172.16.1.0/25建立一个名为set_filter序号为2的前缀列表拒绝172.16.1.0/25这条路由)

R2(config)#ip prefix-list set_filter seq 3 perm 0.0.0.0/0 le 32 小于32位的子网路由会被匹配,目的是允许所有的其它路由相当于permit any的列表)

R2(config)#router bgp 64512

R2(config-router)#nei 10.1.255.2 prefix-list set_filter out(在下游出口方向对R3应用前缀列表)

B:查看 R3路由表以验证效果:
R3#sh ip route

………………

Gateway of last resort is not set

 

     172.16.0.0/16 is variably subnetted, 4 subnets, 4 masks

B       172.16.255.0/30 [20/0] via 10.1.255.1, 00:16:19

B       172.16.4.0/28 [20/0] via 10.1.255.1, 00:15:49

B       172.16.2.0/26 [20/0] via 10.1.255.1, 00:15:49

B       172.16.3.0/27 [20/0] via 10.1.255.1, 00:15:49 (有两条BGP路由不见了,其它的都能收到)

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.255.0 is directly connected, Serial1/0

2R3允许收到 172.16.3.0/27172.16.255.0/30这两条 BGP路由,其它 BGP路由的拒绝。
A:把之前的 prefix-list NO 掉,重新配置 R2
R2(config)#no ip prefix-list set_filter seq 1 deny 172.16.0.0/24

R2(config)#no ip prefix-list set_filter seq 3 perm 0.0.0.0/0 le 32

R2(config)#no ip prefix-list set_filter seq 2 deny 172.16.1.0/25

R2(config)#router bgp 64512

R2(config-router)#no nei 10.1.255.2 prefix-list set_filter out

 

R2(config)#ip prefix-list set_filter seq 1 permit 172.16.3.0/27

R2(config)#ip prefix-list set_filter seq 2 permit 172.16.255.0/30

R2(config)#        (和ACL一样,默认会有一条拒绝所有)

R2(config-router)#nei 10.1.255.2 prefix-list set_filter out (对R3邻居应用)

B:配置完之后,再到 R3上验证一下:
R3#clear ip bgp * soft

R3#sh ip route

………………

Gateway of last resort is not set

 

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks

B       172.16.255.0/30 [20/0] via 10.1.255.1, 00:31:19

B       172.16.3.0/27 [20/0] via 10.1.255.1, 00:30:49  (仅能收到这两条BGP路由)

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.255.0 is directly connected, Serial1/0

3允许172.16.0.0/22网络下,子网掩码长度 大于或等于 26位的子网路由能收到。 ge=greater or equal大于或等于,le=less or equal小于或等于)
 A:把之前的 ip prefix-list NO 掉,再到 R2上配置:
R2(config)#ip prefix-list set_filter seq 1 permit 172.16.0.0/22 ge 26

R2(config)#ip prefix-list set_filter seq 2 permit 172.16.255.0/30

R2(config)#router bgp 64512

R2(config-router)#nei 10.1.255.2 prefix-list set_filter out

B :配置完之后再来看一下R3的路由:
R3#sh ip route

………………

 

Gateway of last resort is not set

 

     172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks

B       172.16.255.0/30 [20/0] via 10.1.255.1, 01:35:15

B       172.16.2.0/26 [20/0] via 10.1.255.1, 00:07:05

B       172.16.3.0/27 [20/0] via 10.1.255.1, 01:34:44

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.255.0 is directly connected, Serial1/0

 
4允许172.16.0.0/22网络下,子网掩码长度小于或等于25位的子网路由能收到。 ge=greater or equal大于或等于,le=less or equal小于或等于)
 A:把之前的ip prefix-list NO掉,在R2上重新配置:
R2(config)#ip prefix-list set_filter seq 1 per 172.16.0.0/22 le 25

R2(config)#ip prefix-list set_filter seq 2 permit 172.16.255.0/30

R2(config)#router bgp 64512

R2(config-router)#nei 10.1.255.2 prefix-list set_filter out

B:再来看一下R3的路由:
R3#clear ip bgp * soft

R3#sh ip route

………………

Gateway of last resort is not set

 

     172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks

B       172.16.255.0/30 [20/0] via 10.1.255.1, 02:27:57

B       172.16.0.0/24 [20/0] via 10.1.255.1, 00:00:00

B       172.16.1.0/25 [20/0] via 10.1.255.1, 00:00:00

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.255.0 is directly connected, Serial1/0

5允许172.16.0.0/22网络下,子网掩码长度大于或等于25位但同时又小于等于26的子网路由能收到。 ge=greater or equal大于或等于,le=less or equal小于或等于)
 A、同样把之前的ip prefix-list NO 掉:

R2(config)#ip prefix-list set_filter seq 1 per 172.16.0.0/22 ge 25 le 26

R2(config)#ip prefix-list set_filter seq 2 permit 172.16.255.0/30

R2(config)#router bgp 64512

R2(config-router)#nei 10.1.255.2 prefix-list set_filter out

B:到R3上去看一下效果:
R3#sh ip route

………………

Gateway of last resort is not set

 

     172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks

B       172.16.255.0/30 [20/0] via 10.1.255.1, 02:34:54

B       172.16.1.0/25 [20/0] via 10.1.255.1, 00:06:57

B       172.16.2.0/26 [20/0] via 10.1.255.1, 00:00:00

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.255.0 is directly connected, Serial1/0